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Claims: 

1. (Previously Presented) A system for real-time vulnerability assessment of a 
host/device, said system comprising: 

an agent running on the host/device, said agent comprising: 

an executable agent module configured to track the status of interfaces and ports 
on the interfaces of the host/device and to store the information as information entries, 

said executable agent module configured to compare the entries to determine a 
change in the status of interfaces and/or of ports on the interfaces of the host/device, 

a remote destination server comprising: 

an executable server module configured to receive the information entries 
communicated by the executable agent module, 

said executable server module configured to store the received information 
entries, wherein the information entries indicate the state of each of the ports on each of 
the active interfaces of the host/device, 

said executable server module configured to compare the received information 
entries to determine the change in the status of interfaces and ports on the interfaces of 
the host/device, and 

said executable server module configured to run vulnerability assessment tests 
on the host/device in the event of a change in the status of interface/ports. 



2. (Previously Presented) The system of claim 1 wherein said executable server module 
is configured to receive and update the vulnerability data in a vulnerability database whenever 
new vulnerabilities are discovered, and wherein said executable server module is configured to 
test the host/device for the new vulnerabilities whenever the vulnerability database is updated 
with new vulnerabilities, and to determine the new vulnerabilities 



3. (Withdrawn) 
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4. (Withdrawn) 



5. (Currently Amended) The system of claims 1 and 4, wherein status of an interface is 
either active or inactive. 



6. (Currently Amended) The system of claims 1 and 4 , wherein status of a port is a 
service listening on the port or not. 



7. (Currently Amended) The system of claims 1 and 4 , wherein the agent tracks the 
change in status of ports/interface by monitoring in real-time or polling at periodic intervals for 
the status of ports/interfaces and storing the entries at various time intervals. 



8. (Currently Amended) The system of claims 1 and 4 , wherein the communication 
protocol between the host/device and the destination server is a standard transport level utility 
selected from sockets or any other standard communication protocol. 

9. (Currently Amended) The system of claims 1 and 4 , wherein the server executable 
module compares the entries corresponding two consecutive time intervals. 



10. (Currently Amended) The system of claims 1 and 4, wherein the host/device is 
selected from a switch, a router, a device running a standard real-time operating system, a 
mobile device or a PDA. 



11. (Currently Amended) The system of claims 1 and 4 , wherein the host/device is an 
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enterprise/consumer machine running with Windows, Unix, Linux, VxWorks, Symbian or 
PalmOS. 



12. (Currently Amended) The system of claims 1 and 4, wherein the changes that are 
communicated to the destination server consisting of the IP address of the interface(s) and the 
port numbers on which listening sen/ices have started or stopped on the particular interface(s). 



13. (Currently Amended) The system of claims 1 and 4, wherein the status of the port 
consists of separate statuses for TC and UD protocols. 



14. (Currently Amended) The system of claims 1 and 4, wherein plurality of 
hosts/devices is tracked in conjunction with one or more destination servers handling the 
host/devices. 



15, (Currently Amended) Logic encoded in a program stored in a computer readable 
storage media for real-time vulnerability assessment of a host/device, and operable to perform 
the following steps: 

tracking in real-time the status of interfaces and/or of the ports on a host/device ; 

communicating a change in the status of the interfaces and/or the status of ports of the 
host/device to a remotely located destination server on the network, 

tracking in real-time the reported status of ports and interfaces of the host/device by the 
destination server, and 

conducting vulnerability assessment tests on the host/device by the destination server in 
the event of a change in the status of interfaces and/or ports of the host/device. 
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16. (Withdrawn) 



17. (Currently Amended) The logic of claims 15 and 16 , wherein the status of an 
interface is either active or inactive. 



18. {Currently Amended) The logic of claims 15 and 16 , wherein status of a port is a 
service listening on the port or not. 



19. (Currently Amended) The logic of claims 15 and 16 ? wherein the status of the port 
consists of separate statuses for TC and UD protocols. 



20. (Currently Amended) The logic of claims 15 and 16 , wherein tracking consists of 
monitoring in real-time or polling at periodic intervals for the status of ports/interfaces on the 
host/device. 



21. (Currently Amended) The logic of claims 15 and 16 , wherein the communication 
protocol between the host/device and the destination server is a standard transport level utility 
selected from sockets or any other standard communication protocol. 



22. (Currently Amended) The logic of claims 15 and 16 , wherein the host/device is 
selected from a switch, a router, a device running a standard real-time operating system, a 
mobile device or a PDA. 



23. (Currently Amended) The logic of claims 15 and 16 , wherein the host/device is an 
enterprise/consumer machine running with Windows, Unix, Linux. VxWorks Symbian or 
PalmOS. 
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24. (Currently Amended) The logic of claims 15 and 16 , wherein the changes that are 
communicated to the destination server consisting of the IP address of the interface(s) and the 
port numbers on which listening services have started or stopped on the particular interface(s). 



25. (Currently Amended) The logic of claims 15 and 16 , wherein the information that is 
communicated from the host/device to the destination server is the names of the services. 



26. (Currently Amended) The logic of claims 15 and 16 , wherein the information that is 
communicated from the host/device to the destination server is a message signaling a change 
in the status of interfaces and/or ports on the host/device. 



27. (Currently Amended) The logic of claims 15 and 16 ? wherein the vulnerability 
assessment server used by the destination server is updated with the new vulnerabilities to test 
the presence of vulnerabilities. 



28. (Currently Amended) The logic of claims 15 and 16 , wherein a plurality of 
hosts/devices are tracked in conjunction with plurality of destination servers handling the 
host/devices. 



29. (Currently Amended) A computer-implemented method for real-time vulnerability 
assessment of a host/device, said method comprising: 

tracking in real-time the status of interfaces and ports on the host/device; 

collecting and storing the status as information entries; 

comparing the entries to determine any change in the status of interfaces and/or the 
status of ports on the interfaces of the host/device; 
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communicating the changes to a remotely located destination server on the network; 

storing said changes as entries in the destination server wherein the entries indicate the 
state of each of the ports on each of the active interfaces of the host/device as reported; 

comparing the entries stored at the destination server to determine if there is any change 
in the status of interfaces and ports on the interfaces of the host/device as reported to it; and 

running vulnerability assessment tests on the host/device by the destination server and 
reporting the results. 



30. (Withdrawn) 



31. (Currently Amended) The method of claims 29 and 30 , wherein the status of an 
interface is either active or inactive. 



32. (Currently Amended) The method of claim 29 and 30 , wherein the status of a port is 
a service listening on the port or not. 



33. (Currently Amended) The method of claim 29 and 30 , wherein the agent tracks the 
change in status of ports/interface by monitoring in real-time or polling at periodic intervals for 
the status of ports/interfaces and storing the entries at various time intervals. 



34. (Currently Amended) The method of claim 29 and 30 , wherein the communication 
protocol between the host/device and the destination server is a standard transport level utility 
selected from sockets or any other standard communication protocol. 



35. (Currently Amended) The method of claim 29 and 30 , wherein the server executable 
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module compares the entries corresponding two consecutive time intervals. 



36. (Currently Amended) The method of claim 29 and 30 , wherein the changes that are 
communicated to the destination server consisting of the IP address of the interface(s) and the 
port numbers on which listening services have started or stopped on the particular interface(s). 



37. (Currently Amended) The method of claim 29 and 30 , wherein the status of the port 
consists of separate statuses for TC and UD protocols. 



38. (Currently Amended) The method of claim 29 and 30 , wherein plurality of 
hosts/devices is tracked in conjunction with one or more destination servers handling the 
host/devices. 
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